Conduent disclosed a breach impacting over 10.5 million individuals after attackers maintained access from October 21, 2024 to January 13, 2025—85 days of dwell time before detection. SafePay ransomware gang claimed resp…
Category: Data Breach / Enterprise
#data-breach #healthcare #ransomware #conduent #safepay
CVE-2025-9491 (aka ZDI-CAN-25373) is a Windows LNK file vulnerability that state actors have quietly exploited since at least 2017. The technique is elegant: attackers embed command-line arguments in LNK Target fields bu…
Category: Vulnerabilities / Microsoft
#windows #cve-2025-9491 #plugx #apt #microsoft #unpatched
CISA warns ransomware gangs are exploiting CVE-2024-1086, a Linux kernel use-after-free bug in netfilter: nf_tables that was introduced in 2014 and patched in January 2024. The vulnerability enables local privilege escal…
Category: Vulnerabilities / Linux
#linux #cve-2024-1086 #ransomware #kernel #privilege-escalation
PhantomRaven campaign flooded npm with 200+ malicious packages (86,000+ potential victims) using a new evasion tactic: remote dynamic dependencies. What's clever: packages advertise 'zero dependencies' for false safety, …
Category: Threat Intelligence / Supply Chain
#npm #supply-chain #phantomraven #malware #javascript
APT28 (Fancy Bear) ran a sophisticated spearphishing campaign against financial institutions from January 15 to March 31, 2023, reportedly compromising dozens of systems. What's notable: the campaign integrated a custom …
Category: Threat Intelligence / APT
#apt28 #fancy-bear #phishing #financial-sector #custom-malware
Unit 42 discovered agent session smuggling, a technique where malicious AI agents exploit the Agent2Agent (A2A) protocol's stateful nature to inject covert instructions into victim agents. What's fascinating: this doesn'…
Category: Threat Intelligence / AI Security
#ai-security #agent-smuggling #a2a-protocol #llm #supply-chain
Russia-linked Sandworm (UAC-0082, UAC-0145, APT44, Seashell Blizzard) conducted a two-month campaign against a major Ukrainian business services company and a week-long attack on a state entity starting late June 2025. W…
Category: Threat Intelligence / APT
#sandworm #apt44 #ukraine #webshell #living-off-the-land
CISA and NSA issued advisory on hardening on-premises Microsoft Exchange Server instances amid persistent attack surge. The guidance follows CISA's August warning about CVE-2025-53786, a high-severity post-auth vulnerabi…
Category: Advisory / Microsoft
#exchange #microsoft #cisa #nsa #email-security
Microsoft disclosed CVE-2025-12444, a Chromium vulnerability involving incorrect security UI behavior when browsers enter fullscreen mode. The flaw allows malicious web pages to spoof browser elements and mislead users i…
Category: Vulnerabilities / Browser
#chromium #browser #cve-2025-12444 #spoofing #security-ui
Canonical issued USN-7835-4 addressing critical Linux kernel vulnerabilities affecting Ubuntu 22.04 LTS and hardware enablement (HWE) variants. The advisory resolves multiple privilege escalation and denial-of-service is…
Category: Advisory / Linux
#ubuntu #linux #usn-7835-4 #kernel #patch